Documentation
Index
- Constants
- func DBAccountName() (string, error)
- func DBName(c Core) (string, error)
- func FeatureStrings() []string
- func IsCI() bool
- func IsLocalDevelopmentMode() bool
- func ValidateVars(vars ...string) error
- type ARMHelper
- type CertificateRefresher
- type Core
- type Feature
- type Interface
- type MSIContext
- type ServiceComponent
Constants

const (
	RPDevARMSecretName               = "dev-arm"
	RPFirstPartySecretName           = "rp-firstparty"
	RPServerSecretName               = "rp-server"
	ClusterLoggingSecretName         = "cluster-mdsd"
	EncryptionSecretName             = "encryption-key"
	EncryptionSecretV2Name           = "encryption-key-v2"
	FrontendEncryptionSecretName     = "fe-encryption-key"
	FrontendEncryptionSecretV2Name   = "fe-encryption-key-v2"
	PortalServerSecretName           = "portal-server"
	PortalServerClientSecretName     = "portal-client"
	PortalServerSessionKeySecretName = "portal-session-key"
	PortalServerSSHKeySecretName     = "portal-sshkey"
	ClusterKeyvaultSuffix            = "-cls"
	GatewayKeyvaultSuffix            = "-gwy"
	PortalKeyvaultSuffix             = "-por"
	ServiceKeyvaultSuffix            = "-svc"
	ClusterMsiKeyVaultSuffix         = "-msi"
	RPPrivateEndpointPrefix          = "rp-pe-"
	ProxyHostName                    = "PROXY_HOSTNAME"
)

const (
	EnvDatabaseName        = "DATABASE_NAME"
	EnvDatabaseAccountName = "DATABASE_ACCOUNT_NAME"
)

const (
	KeyvaultPrefix         = "KEYVAULT_PREFIX"
	OIDCAFDEndpoint        = "OIDC_AFD_ENDPOINT"
	OIDCStorageAccountName = "OIDC_STORAGE_ACCOUNT_NAME"
)

const (
)

Variables
This section is empty.
Functions
func DBAccountName
Fetch the database account name from the environment.
func FeatureStrings
func FeatureStrings() []string
FeatureStrings returns a slice of all String values of the enum.
func IsLocalDevelopmentMode
func IsLocalDevelopmentMode() bool
func ValidateVars
ValidateVars iterates over the elements of vars and returns an error if no environment variable with that name exists. Otherwise it returns nil.
Types
type CertificateRefresher

type CertificateRefresher interface {
	Start(context.Context) error
	GetCertificates() (*rsa.PrivateKey, []*x509.Certificate)
}

type Core

type Core interface {
	IsLocalDevelopmentMode() bool
	IsCI() bool
	NewMSITokenCredential() (azcore.TokenCredential, error)
	NewMSIAuthorizer(scope string) (autorest.Authorizer, error)
	NewLiveConfigManager(context.Context) (liveconfig.Manager, error)
	instancemetadata.InstanceMetadata
	Component() string
	Logger() *logrus.Entry
}

Core collects basic configuration information which is expected to be available on any PROD service VMSS (i.e. instance metadata, MSI authorizer, etc.)
func NewCoreForCI
NewCoreForCI returns an env.Core which respects RP_MODE but always uses AZURE_* environment variables instead of IMDS. This is used for entrypoints which may run on CI VMs. CI VMs don't currently have MSI and hence cannot resolve their tenant ID, and also may access resources in a different tenant (e.g. AME).
type Feature
type Feature int

const (
	FeatureDisableDenyAssignments Feature = iota
	FeatureDisableSignedCertificates
	FeatureEnableDevelopmentAuthorizer
	FeatureRequireD2sV3Workers
	FeatureDisableReadinessDelay
	FeatureEnableOCMEndpoints
	FeatureRequireOIDCStorageWebEndpoint
	FeatureUseMockMsiRp
)

At least to start with, features are intended to be defined so that the production default is the unset state (in production, RP_FEATURES is unset).
func FeatureString
FeatureString retrieves an enum value from the enum constant's string name. It returns an error if the param is not part of the enum.
func (Feature) IsAFeature
IsAFeature returns "true" if the value is listed in the enum definition, "false" otherwise.
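The following is an added example, not code from the package documented here: a self-contained sketch of why name lookup must return an error, since the zero value of Feature is itself a real feature (FeatureDisableDenyAssignments). The helper names lookupFeature and parseFeatures, the comma-separated list format, and the error text are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Feature copies three constants from the page; note the zero value is a real feature.
type Feature int

const (
	FeatureDisableDenyAssignments Feature = iota
	FeatureDisableSignedCertificates
	FeatureEnableDevelopmentAuthorizer
)

var featureNames = map[string]Feature{
	"FeatureDisableDenyAssignments":      FeatureDisableDenyAssignments,
	"FeatureDisableSignedCertificates":   FeatureDisableSignedCertificates,
	"FeatureEnableDevelopmentAuthorizer": FeatureEnableDevelopmentAuthorizer,
}

// lookupFeature (hypothetical stand-in for FeatureString) returns an error for
// unknown names, so a typo can never resolve to Feature(0).
func lookupFeature(name string) (Feature, error) {
	f, ok := featureNames[name]
	if !ok {
		return 0, fmt.Errorf("%q is not a Feature name", name)
	}
	return f, nil
}

// parseFeatures parses a comma-separated list (assumed format); empty input yields an empty set.
func parseFeatures(raw string) (map[Feature]bool, error) {
	set := map[Feature]bool{}
	if strings.TrimSpace(raw) == "" {
		return set, nil
	}
	for _, name := range strings.Split(raw, ",") {
		f, err := lookupFeature(strings.TrimSpace(name))
		if err != nil {
			return nil, err // fail closed: one bad name rejects the whole list
		}
		set[f] = true
	}
	return set, nil
}

func main() { fmt.Println(parseFeatures("FeatureDisableSignedCertificates")) }
```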
type Interface

type Interface interface {
	Core
	proxy.Dialer
	ARMHelper
	InitializeAuthorizers() error
	ArmClientAuthorizer() clientauthorizer.ClientAuthorizer
	AdminClientAuthorizer() clientauthorizer.ClientAuthorizer
	ClusterGenevaLoggingAccount() string
	ClusterGenevaLoggingConfigVersion() string
	ClusterGenevaLoggingEnvironment() string
	ClusterGenevaLoggingNamespace() string
	ClusterGenevaLoggingSecret() (*rsa.PrivateKey, *x509.Certificate)
	ClusterKeyvault() keyvault.Manager
	ClusterMsiKeyVaultName() string
	Domain() string
	FeatureIsSet(Feature) bool
	// TODO: Delete FPAuthorizer once the replace from track1 to track2 is done.
	FPAuthorizer(string, []string, ...string) (autorest.Authorizer, error)
	FPNewClientCertificateCredential(string, []string) (*azidentity.ClientCertificateCredential, error)
	FPClientID() string
	Listen() (net.Listener, error)
	GatewayDomains() []string
	GatewayResourceGroup() string
	ServiceKeyvault() keyvault.Manager
	ACRResourceID() string
	ACRDomain() string
	OIDCStorageAccountName() string
	OIDCEndpoint() string
	OIDCKeyBitSize() int
	MsiRpEndpoint() string
	MsiDataplaneClientOptions(msiResourceId *arm.ResourceID) (*policy.ClientOptions, error)
	AROOperatorImage() string
	LiveConfig() liveconfig.Manager
	// VMSku returns SKU for a given vm size. Note that this
	// returns a pointer to partly populated object.
	VMSku(vmSize string) (*mgmtcompute.ResourceSku, error)
}

Interface is clunky and somewhat legacy and only used in the RP codebase (not monitor/portal/gateway, etc.). It is a grab-bag of items which modify RP behaviour depending on where it is running (dev, prod, etc.). Outside of the RP codebase, use Core. Ideally we might break Interface into smaller pieces, either closer to their point of use, or maybe using dependency injection. Try to remove methods, not add more. A refactored approach to configuration is generally necessary across all of the ARO services; dealing with Interface should be part of that.
type MSIContext
type MSIContext string

const (
	MSIContextRP      MSIContext = "RP"
	MSIContextGateway MSIContext = "GATEWAY"
)

type ServiceComponent
type ServiceComponent string

const (
	COMPONENT_RP                  ServiceComponent = "RP"
	COMPONENT_GATEWAY             ServiceComponent = "GATEWAY"
	COMPONENT_MONITOR             ServiceComponent = "MONITOR"
	COMPONENT_OPERATOR            ServiceComponent = "OPERATOR"
	COMPONENT_MIRROR              ServiceComponent = "MIRROR"
	COMPONENT_PORTAL              ServiceComponent = "PORTAL"
	COMPONENT_UPDATE_OCP_VERSIONS ServiceComponent = "UPDATE_OCP_VERSIONS"
	COMPONENT_UPDATE_ROLE_SETS    ServiceComponent = "UPDATE_ROLE_SETS"
	COMPONENT_DEPLOY              ServiceComponent = "DEPLOY"
	COMPONENT_TOOLING             ServiceComponent = "TOOLING"
	COMPONENT_MIMO_SCHEDULER      ServiceComponent = "MIMO_SCHEDULER"
	COMPONENT_MIMO_ACTUATOR       ServiceComponent = "MIMO_ACTUATOR"
)